Fortra® Security & Trust Center

Security Advisory

Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)

Tue, 08/27/2024
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However,...
FI-2024-011
Critical
CVE-2024-6633
Patch Tuesday
Blog

Patch Tuesday Update August 2024

By Tyler Reguly on Thu, 08/15/2024
The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”
IT Infrastructure Protection
Security Advisory

Authentication bypass in GoAnywhere MFT prior to 7.6.0

Wed, 08/14/2024
An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.
FI-2024-009
Medium
CVE-2024-25157
Security Advisory

Denial of Service in CLFS.sys

Mon, 08/12/2024
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.
FR-2024-001
Medium
CVE-2024-6768
Emerging Threats

VMWare Active Directory Vulnerability

Tue, 07/30/2024
Fortra is actively researching an authentication bypass vulnerability in VMware – CVE-2024-37085. This vulnerability can allow an attacker to bypass Active Directory integration authentication and obtain administrative access to a host. Updates from VMware and additional mitigation steps are available.
Patch Tuesday
Blog

Patch Tuesday Update July 2024

By Tyler Reguly on Thu, 07/11/2024
The first thing that everyone’s going to talk about this month is SQL Server. More than a quarter of the CVEs assigned by Microsoft this month describe SQL Server vulnerabilities. Thankfully, none of them are critical based on their CVSS scores and they’re all listed as “Exploitation Less Likely.”
Emerging Threats

ServiceNow Remote Code Execution Vulnerability

Wed, 07/10/2024
Fortra is actively investigating a vulnerability in the ServiceNow Vancouver and Washington, D.C. Now Platform releases. This vulnerability, CVE-2024-4879, could enable an unauthenticated user to remotely execute code within the Now Platform. ServiceNow has released an update, patches, and hot fixes to address this vulnerability.
Emerging Threats

OpenSSH Vulnerability - "regreSSHion"

Tue, 07/02/2024
Fortra is actively researching a new vulnerability in OpenSSH dubbed “regreSSHion”. This remote code execution vulnerability – CVE-2024-6387 – could allow an unauthenticated remote attacker to execute arbitrary code as root. Fortra recommends updating sshd as soon as possible to mitigate this threat.
Emerging Threats

Check Point VPN Vulnerability

Wed, 06/26/2024
Fortra is investigating a vulnerability in the Check Point VPN – CVE-2024-24919. This information disclosure vulnerability could allow an attacker to access sensitive information on internet-exposed Check Point Security Gateways with IPsec VPN in the Remote Access VPN community and the Mobile Access software blade. Security updates are available to mitigate this vulnerability.